On proof… by Craig S. Wright
Este es uno de los tantísimos textos que he encontrado a lo largo de mi extenuada investigación sobre Craig, se trata de un texto que esta pegado en forma de foto en una web donde se pueden colgar fotos de forma gratuita, al parecer es una explicación de los distintos textos, libros, grados académicos que Craig ha ido recopilando a lo largo de los años (hasta el 2012)
Personalmente muchos de esos documentos los he podido encontrar en internet (simplemente googleando), aun se encuentran alojados en distintas plataformas y tengo una copia de muchos de ellos (no de todos), al igual que tengo una foto de muchos de sus títulos en mis canales de Telegram:
Los textos que para mí tienen mayor relevancia son los escritos anteriores al 2009, se puede apreciar cuales eran los campos en los que Craig estaba mas focalizado y lo que puede dar una explicación de todos los campos que abarca Bitcoin, tal y como dice en un mail escrito en 2007 cuando trabajaba en BDO
why isn´t full disk encryption from manufactures a slam dunk?
solve this issue and be a billionaire
¿Por qué el cifrado del disco completo, para los fabricantes, no es pan comido?
solventa ese problema y te convertirás en multimillonario.
Aquí dejo el texto original como su titulo dice, «como prueba»
On proof…by Craig S. Wright
It seems that I have to do this every couple years and each time it is generally worse as I have added to the list. In recent months I have been causing trouble again and as such there are always those who choose not to believe me or to engage in an attack on my character as a solution to not addressing the issue at hand. Let us start with career and that I am the VP of GICSR in Australia. Other than using an email address at GICSR, I am listed on the board as a director. Next, I am a trustee with the Uniting Church Trust Fund and am otherwise involved with the UC. That is me on page two of the funds newsletter where I had been accepted in the appointment. I have shaved, but it is still me in the photo. My role at Charles Sturt University is noted below and I have staff ID 11293457 if you want to actually check that. On certifications. I hold the three platinum certifications GSE, GSE-Malware and GSE-Compliance from GIAC. I will add my SANS/GIAC certs. I have more than any other person globally (not a boast, it is a fact). This is 37 Certs from GIAC alone. Click the link if you do not believe me. The answer is not just to believe this, validate it. All up, with Cisco and others I have over 100 certifications. Now, do you really care if you believe the total? Not really, and does it matter, not really. Some of those will start to disappear as I cannot maintain them and actually have a life anymore.
I have 27 recertification’s next year that I will do at a cost of over $11,000. I will let some lapse. Degrees and more I am not going to cover all of my degrees any more. I will not discuss more than post graduate and a list of the papers associated with my doctoral work and I will simply cover those related to my profession here. I will not discuss my role as a lay pastor or theology degree other than face to face and only whit those I choose to discuss it with. There is enough to know I am involved with the Uniting Church and I am not here to convert people. If you are an atheist, that is your choice and I will not try to sway you at all. The thing is, atheism is also a belief. It is not and cannot be proven with science and hence is in a way also a religion even if in the negative. I do not wish to debate this (unless it is face to face, I like you and there is wine involved). If you are not happy with my post graduate qualifications, adding undergraduate qualifications right down to the associate degree level will add little. Then, does my having an Associate degree in Science (Organic Chemistry, Fuel sciences) add anything to my role in digital forensics and information security. If you really want to know what these are, there are old posts that searching will eventually uncover. As for the bio and claim that I am “a perpetual student with numerous post graduate degrees including an LLM specializing in international commercial law and ecommerce law, a Masters Degree in mathematical statistics from Newcastle as well as working on his 4th IT focused Masters degree (Masters in System Development) from Charles Sturt University where he lectures subjects in a Masters degree in digital forensics. He is writing his second doctorate, a PhD on the quantification of information system risk at CSU.” Charles Sturt University The masters degrees from CSU are: MMgmt(IT) – Masters of Management (IT) MNSA – Master of Network and System Admin MInfoSysSec – Master of Master Information Systems Security MSysDev – Master of System Development (nearly complete… I am just running out of subjects to do at the University. I even needed to take one where I was the author of the text just to have the credit points). Next year I complete my second doctorate. I also have two other Masters degrees not from CSU (the 4 they note in the link are those listed above), a Masters in Statistics (Newcastle AU) as well as a Masters in Law (Northumbria, UK).
I am also doing the SANS Masters degree and have one more thing to complete this. That will give me 2 doctorates, 7 masters degrees and 8 other degrees. It is not too difficult to check that I am enrolled in the MSISE at the SANS Technology Institute (Master of Information Systems Engineering). Other than having presentations on the site (see this link) it would be crazy for me to state this. I have 37 GIAC certifications (which is most of either of the STI masters degrees. If I was to misrepresent my status at SANS/GIAC, the ethics policy means I will lose them all. So, first it is simple to actually check AND I have too much to lose in lying. I do this every couple years. Here is a link to a past time I had to do the same. Northumbria University I completed a Masters in Law in a UK based University. This is: LLM Northumbria – Master of Law (International Commerce Law, Ecommerce Law with commendation). PG Diploma in Law My dissertation was on «Internet Intermediary Liability«. I received a commendation. If you need to check, I had Student Number: 05024288 Newcastle University MSTAT – Master of Statistics I was student number 3047661 at the University of Newcastle here in Australia. My thesis that I wrote to complete this degree was on “The homogeneity of Variances”. I analysed and tested many of the common statistical methods used in homogeneity tests in statistics (such as the Levene tests). Why? The links are associated with universities and others, so it is not too difficult to check me out. I am not stopping you.
The only thing I do not wish to discuss openly is my role with the Uniting Church. My theological belief is one of the few things that remains personal and more than the stuff the church posts publically about me (which I attempt to minimise) I will not discuss. If you believe that my trying to maintain one personal and private thing in my life means I am lying, believe as you will. It does not impact my chosen career in information security and nor does it detract from this. Contrary to the believe structure some hold, one CAN be a doctor of the church as well as a scientist. Religion and Science do not overlap and nor should one seek to make them do so. We can never prove nor disprove the existence of any religion or other spiritual belief structure.
This is why I also preach tolerance. I believe I am correct as far as I can be (and that is about zero as the human mind is too small to comprehend the infinite in any extent and any person who tells you differently is a liar or a fool). I comprehend and believe in my way, others in their own. Is Islam, Catholicism, Judaism etc right? Yes and no. Am I right, yes and know. Basically, we see a small aspect of the infinite and that is all we ever will. We can be right and wrong at the same time and will never be completely right as we cannot hold the concept of an infinite in our heads (and I have studied large number theory). In a way, I hate having to do this each few years. In this, I have scratched the surface of what I have done and that leaves many in disbelief. That stated, I fail in humility for this as well as other reasons. On Sanity I guess that the final aspect of this is on sanity. I have been accused of being insane for doing all I do. To take a quote from one of my doctoral supervisors: “Craig, you have a doctorate, why on earth would you want to go through this again. It is insane.” I love study. I can do it and I am good at it. I do not need to do formal study, but I like it. I enjoy the structure. I like the process and it means that I do more. I do not watch sport (I do play sport but there is a distinction) and I do not watch TV. Formal study is MY form of relaxation.
To those people (usually without degrees) who keep attacking me and saying I cannot have done this, I offer you the chance to validate all of it. Now, the answer is that you can do something. Instead of engaging in an exercise designed to cut down tall poppies and to attack those who have done something, why not do something yourself? I will (and have in the past) helped others. I will do this for nearly anyone (none of us are not perfect and that includes me).
There are ways that anyone can study these days. In fact, I am more than happy to help all I can to have people achieve this. Instead of attacking the character of others you see as frightening (and this really is what this is about), how about you spend the time doing a qualification yourself? Really, my email is public. I keep offering, instead of attacking the accomplishments of others, add to your own. I offer this and from time to time, people take me up on it. This is, I offer to help others improve their education. Not for money, not for fame, but as I want to have a better aware and education world. In this, I also benefit as a more educated (practically) world is one that will have fewer (though always some) issues and which could be more tolerant.
Certification and membership numbers A limited subset of certifications I hold is listed below:
CISSP # 47302 (ICS)2 Certified Information Systems Security Professional ISSMP # 47302 (ICS)2 Information Systems Security – Management Professional ISSAP # 47302 (ICS)2 Information Systems Security – Architecture Professional CISA # 0542911 IS Audit and Control Association – Certified Information Systems Auditor CISM # 0300803 IS Audit and Control Association – Certified Information Security Manager CCE # 480 ISFCE – Certified Computer Examiner ISSPCS # 051 International Systems Security Professional Certification Scheme MCSA # 3062393 Microsoft Certified Systems Administrator MCSE # 3062393 Microsoft Certified Systems Engineer MCSE # 3062393 Microsoft Certified Systems Engineer (Mail) MCSE # 3062393 Microsoft Certified Systems Engineer (Security) MCDBA # 3062393 Microsoft Certified Database Administrator MIEEE # 87028913 Member IEEE AFAIM # PM133844 Associate Fellow Aust Inst. Management (lapsed now as I have been culling memberships – they cost too much to maintain) MACS # 3015822 Senior Member Aust Computer Society GIAC… NOT ALLL GSE-Compliance #0001 [Platinum] GIAC Security Compliance (GSE-Compliance) GSEC # 10506 [Gold] GIAC Security Essentials Certification (GSEC) GCIH # 06896 [Silver] GIAC Certified Incident Handler GCIA # 02913 [Silver] GIAC Certified Intrusion Analyst GCFW # 01891 [Silver] GIAC Certified Firewall Analyst GCWN # 01234 [Silver] GIAC Certified Windows Security Administrator GAWN # 00894 [Silver] GIAC Assessing Wireless Networks GCUX # 00587 [Silver] GIAC Certified UNIX Security Administrator GNET # GIAC .Net GSLC # GIAC Security Leadership Certification GHTQ # 00368 [Silver] GIAC Cutting Edge Hacking Techniques G7799 # 0039 [GOLD] GIAC Certified ISO-17799 Specialist (G7799) GCFA # 0265 [GOLD] GIAC Certified Forensics Analyst (GCFA) GSNA # 0571 [GOLD] GIAC Systems and Network Auditor (GSNA) GSAE # 00141 [Silver] GIAC Security Audit Essentials (GSAE) GLEG # 0006 [GOLD] GIAC Legal Issues (GLEG) GLEG Incorporates GIAC Business Law and Computer Security (GBLC) GLEG Incorporates GIAC Contracting for Data Security (GCDS) GLIT GLEG Incorporates GIAC Legal Issues in Information Technologies (GLIT) GLFR # 0016 GIAC Law of Fraud (GLFR) GREM # 0586 GIAC Reverse Engineering Malware (GREM) GPCI # 0086 GIAC Payment Card Industry (GPCI) GSPA # 0101 GIAC Security Policy and Awareness (GSPA) GLDR # 0101 GIAC Leadership (GLDR) GWAS # 0535 GIAC Web Application Security (GWAS) GIPS # 0036 GIAC Intrusion Prevention (GIPS) SSP-MPA # 0416 Stay Sharp Program – Mastering Packet Analysis (SSP-MPA) SSP-GHD # 0246 Stay Sharp Program – Google Hacking and Defense (SSP-GHD) SSP-DRAP # 0171 Stay Sharp Program – Defeating Rogue Access Points (SSP-DRAP)
Papers / Publications: Peer Reviewed Papers Right now, I have a further 8 papers in peer review. The following are all accepted and/or published. 2012 (Accepted)
- Wright, C. (2012, February). Hacktivism, terror and the state: The Importance of Effectively Enforcing Cyber Security Legislation. Paper to be presented at the 10th Anniversary National Security Australia Conference. 2011
- Wright, C. (2011, December) Who pays for a security violation? An assessment into the cost of lax security, negligence and risk, a glance into the looking glass. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering.
.
- Wright, C. (2011, December) Current issues and liability facing Internet Intermediaries. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering.
- Wright, C. (2011, December) Criminal Specialization as a corollary of Rational Choice. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering. Wright, C. (2011, December) A preamble into aligning Systems engineering and Information security risk measures. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering.
- Wright, C. & Via, T. (2011, December) Modeling System Audit as a Sequential test with Discovery as a Failure Time Endpoint. Paper to be presented at the International Conference on Business Intelligence and Financial Engineering.
- Wright, C. (2011) “Exploiting format Strings with Python” Hakin9
- Wright, C. (2011) “More Exploits with Python” Hakin9
- Wright, C. (2011, September) Of Black Swans, Platypii and Bunyips. The outlier and normal incident in risk management. Paper presented at CACS2011 Australia.
- Wright, C. & Zia, T. (2011, July) Compliance or Security, what cost? (Poster)” Australasian Conference on Information Security and Privacy.
- Wright, C. (2011) “A comparative study of attacks against Corporate IIS and Apache Web Servers” Sans Technology Inst, USA
- Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA
- Wright, C. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” Republished and extended Paper, Sans Technology Inst, USA
- Wright, C. & Zia T (2011) ”Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls” CISIS Spain
- Wright, C. & Zia T (2011 )”A Quantitative Analysis into the Economics of Correcting Software Bugs” CISIS Spain 2010
- Wright, C. (2010) “Software, Vendors and Reputation: an analysis of the dilemma in creating secure software” Intrust 2010 China
- Wright, C. & Zia T (2010) “The Economics of Developing Security Embedded Software” SecAU Australia
- Wright, C. (2010) “The not so Mythical IDS Man-Month: Or Brooks and the rule of information security” ISSRE USA
- Wright, C. (2010) “Packer Analysis Report – Debugging and unpacking the NsPack 3.4 and 3.7 packer.” Sans Technology Inst, USA 2009
- Wright, C. (2009) “Effective Patch Management – Saving Time and Getting Better Security” MISTI USA
- Wright, C. (2009) “Database Auditing” Testing Experience, Germany
- Wright, C. (2009) “SaaS Security” MISTI USA
- CISecurity (Multiple) (2009) CIS BIND Benchmarks” Centre For Internet Security, USA 2008
- Wright C, Kleiman D & Sundhar R.S. (2008) “Overwriting Hard Drive Data: The Great Wiping Controversy” Lecture Notes in Computer Science (Springer Berlin / Heidelberg)
- Wright, C. (2008) “Detecting Hydan: Statistical Methods For Classifying The Use Of Hydan Based Stegonagraphy In Executable Files” Sans Technology Inst USA
- Wright, C. (2008) “Using Neural Networks” Google
- Wright, C. (2008) “Ensuring secure data transfer and data sharing” DQ Asia Pacific
- Wright, C. (2008) “Record and Document Destruction in a Digital World” IT Security World, USA
- Wright, C. (2008) “Managing Security in a Global Company” IT Security World, USA
- Wright, C. (2008) “A Quick and Nasty overview of finding TrueCrypt Volumes” Sans Technology Institute
- Wright, C. (2008) “Exploring Data Visualisation” Strategic Data Mining
- Wright, C. (2008) “Statistical Methods to Determine the Authenticity of Data” CACS2008, Au
- Wright, C. (2008) “Text Data Mining, the future of Digital Forensics” Hex Journal USA
- Wright, C. (2008) “Compliance, law and Metrics: What you need to meet and how you prove it” SANS ACT
- Wright, C. (2008) “Current Issues in DNS” Sans Technology Inst, USA
- Wright, C. (2008) “Advanced Methods to Remotely Determine Application Versions” NS2008 LV, USA
- Wright, C. (2008) “An in-depth review of the security features inherent in Firefox 3.0 Compared to IE 8.0” iDefense, USA 2007
- Wright, C. (2007) “The Problem With Document Destruction” ITAudit, Vol 10. 10 Aug 2007, The IIA, USA
- Wright, C. (2007) “Requirements for Record Keeping and Document Destruction in a Digital World” Sans Technology Inst, USA
- Wright, C. (2007) “Electronic Contracting in an Insecure World” Sans Technology Inst, USA
- Wright, C. (2007) “The Problem with Document Destruction” IRMA UK (Republished)
- Wright, C. (2007) “Ethical Attacks miss the point!” System Control Journal ISACA
- Wright, C. (2007) “Where Vulnerability Testing fails” System Control Journal ISACA
- Wright, C. (2007) “Application, scope and limits of Letters of Indemnity in regards to the International Law of Trade” Internal Publication, BDO Aug 2007
- Wright, C. (2007) “UCP 500, fizzle or bang” Internal Publication, BDO July 2007 2006
- Wright, C. (2006) “Port Scanning A violation of Property rights” Hakin9
- Wright, C. (2006) “A Taxonomy of Information Systems Audits, Assessments and Reviews” SANS Technology Inst USA
- Wright, C. (2006) “RISK & Risk Management” 360 Security Summit AU
- Wright, C. (2006) “A QUANTITATIVE TIME SERIES ANALYSIS OF MALWARE AND VULNERABILITY TRENDS” Ruxcon AU 2005
- Wright, C. (2005) “Analysis of a serial based digital voice recorder” Published 2006 SANS Technology Inst USA
- Wright, C. (2005) “Implementing an Information Security Management System (ISMS) Training process” SANS Darling Harbour AU
- Wright, C. (2005) “Beyond Vulnerability Scans — Security Considerations for Auditors” ITAudit, The IIA, USA
- Wright, C. (2005) “PCI Payment Card Industry Facts” Retail Industry journal, July 2005 2001
- Multiple Authors (1999) “Windows NT Security Step by Step” SANS Technology Inst USA 2000
- Ashbury A & Wright, C. (2000) “DNS Security in Australia” Net Security, June 2000. 1999
- Wright, C. (1999) “A Comparative analysis of Firewalls” in “The Internet Hot Sheet” ATT Sept 1999
Books / Book Chapters
- Wright, C. (2008) “0123456789The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments 0123456789” Syngress USA
- Litchko, J; Lang, D; Hennell , C; Wright, C & Linden, M V (2011) ““0123456789Official (ISC)2 Guide to the CISSP(R)-ISSMP(R) CBK0123456789” CRC Press, ISC2 USA
- Kleiman, D; Wright, C; Varsalone, V& Clinton, T (2007) “0123456789The Official CHFI Study Guide0123456789” (Exam 312-49) (Paperback)” Syngress, USA 2007 This book is used as a text for ITE-513 at Charles Sturt University
- Multiple Authors (2009) “0123456789Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity0123456789”, Syngress Press
- Multiple Authors (2009) “0123456789Mobile Malware Attacks and Defense0123456789”, Syngress Press
- Multiple Authors (2008) “0123456789Check Point NGX R65 Security0123456789” Syngress, USA This book is used as a text at Charles Sturt University
- Multiple Authors (2008) “0123456789Mobile Malicious Code0123456789” Syngress, USA
- Multiple Authors (2008) “0123456789Best Forensic Book0123456789” Syngress, USA In 2012 the following book will be published by Taylor Francis Academic
Dejar un comentario
¿Quieres unirte a la conversación?Siéntete libre de contribuir!